US8805882B2ActiveUtilityA1

Programmatically enabling user access to CRM secured field instances based on secured field instance settings

80
Assignee: LEWIS ELLIOTPriority: Jan 20, 2011Filed: Jan 20, 2011Granted: Aug 12, 2014
Est. expiryJan 20, 2031(~4.5 yrs left)· nominal 20-yr term from priority
G06Q 30/01G06Q 30/00G06F 21/6218H04L 63/105H04L 63/20G06Q 10/00G06F 16/00H04L 63/10H04L 63/101H04L 63/107G06F 15/16G06F 17/30
80
PatentIndex Score
9
Cited by
40
References
19
Claims

Abstract

Access to customer relationship management (CRM) secured field instances is enabled based on field settings. A requester's identity determines action paths to be executed in order to enable access to fields. A client application's user privileges are inherited to enable access to secured fields. Such access through a granted privilege is provided through an API intermediating inheritance of user's privileges from client application.

Claims

exact text as granted — not AI-modified
What is claimed is: 
     
       1. A method executed by a computing device enabling access to customer relationship management (CRM) secured field instances, the method comprising:
 determining a profile of a user requesting access to a CRM secured field instance at a processor of the computing device; 
 determining a global access privilege of the user to access the CRM secured field instance based on the profile at the processor of the computing device; 
 storing, at a data store through the processor, one or more Principle Object Attribute Access (POAA) entities having a plurality of fields including: a security principal of one of: the user and a team, a shared access including one of: a read access and an update access, and the CRM secured field instance including: a target identifier, an instance type, and an attribute identifier; 
 retrieving a client application privilege of the user from the data store through the one or more POAA entities to retrieve the CRM field instance with a secured status upon determining the user not having a global read access at the processor of the computing device; 
 determining an action path to enable access to the CRM secured field based on a setting of the CRM secured field instance at the processor of the computing device; and 
 enabling the user to access the CRM secured field instance through a communication module of the computing device by executing the action path at the processor of the computing device. 
 
     
     
       2. The method of  claim 1 , further comprising:
 providing the user at least one from the set of: granting access, modifying access, and revoking access associated with the CRM secured field instance through the communication module of the computing device. 
 
     
     
       3. The method of  claim 1 , wherein the CRM field instance setting is one of a secured and unsecured status. 
     
     
       4. The method of  claim 1 , wherein the action path groups a plurality of CRM field instances. 
     
     
       5. The method of  claim 1 , wherein the action path groups a plurality of user profiles. 
     
     
       6. The method of  claim 1 , wherein determining the action path is based on at least one from the set of: a system resource utilization, a timed duration, and a usage limit. 
     
     
       7. The method of  claim 1 , wherein the action path adds a select query to a select list to retrieve the CRM field instance with an unsecured status. 
     
     
       8. The method of  claim 1 , wherein the action path adds a select query to a select list to retrieve the field instance with a secured status upon determining the user having a global read access. 
     
     
       9. The method of  claim 1 , wherein the action path inherits the client application privilege of the user and adds a select query with a join condition on a POAA table to a select list in order to retrieve the field instance with a secured status. 
     
     
       10. A customer relationship management (CRM) application server enabling access to CRM field instances, the server comprising:
 a memory; 
 a processor coupled to the memory, the processor executing an application in conjunction with instructions stored in the memory, wherein the application is configured to:
 determine a profile of a user requesting access to a CRM field instance having one of a secured and unsecured status setting; 
 determine a global update access privilege of the user to update the field instance based on the profile; 
 in response to the user not having the global update access privilege, throw an exception to initiate a process including one of:
 deny an update to the field instance, and 
 grant a limited update access including at least one of a read and a write access to the field instance; 
 
 retrieve a client application privilege of the user from a data store through one or more Principle Object Attribute Access (POAA) entity instances to retrieve the CRM field instance with a secured status upon determining the user not having a global read access; 
 grant one or more shared user privileges depending on POAA entity instance needs; 
 determine an action path to enable updating the field instance based on a setting of the CRM field instance; and 
 enable the user to update the field instance by executing the action path. 
 
 
     
     
       11. The server of  claim 10 , wherein the action path includes one of a write and delete action. 
     
     
       12. The server of  claim 10 , wherein the action path includes issuing an exception. 
     
     
       13. The server of  claim 10 , wherein the exception is used to grant a limited write access to the CRM field instance with an unsecured status. 
     
     
       14. The server of  claim 10 , wherein the action path includes allowing the user to update the secured field instance upon determining the user having the global update access. 
     
     
       15. The server of  claim 14 , wherein the application is further configured to determine the shared update access upon determining the user having no global access. 
     
     
       16. The server of  claim 15 , wherein the action path inherits the client application privilege of the user and adds a select query with a join condition on a POAA table to a select list in order to retrieve the field instance with a secured status. 
     
     
       17. A computing device for enabling access to customer relationship management (CRM) field instances, the computing device comprising:
 a memory for storing instructions; and 
 a processor configured to perform a method in conjunction with the instructions, the method comprising:
 determining a profile of a user requesting access to a CRM field instance having one of a secured and unsecured status setting; 
 determining a global access privilege of the user to access the CRM field instance based on the profile; 
 storing one or more Principle Object Attribute Access (POAA) entity instances having a plurality of fields including: a security principal of one of: the user and a team, a shared access including one of: a read access and an update access, and the CRM field instance including: a target identifier, an instance type, and an attribute identifier; 
 retrieving a client application privilege of the user from a data store through the one or more POAA entity instances to retrieve the CRM field instance with a secured status upon determining the user not having a global read access; 
 granting one or more shared user privileges depending on POAA entity instance needs; 
 determining an action path to one of grant, modify, and revoke access to the field instance based on a setting of the CRM field instance; and 
 enabling the user to access the field instance by executing the action path. 
 
 
     
     
       18. The computing device of  claim 17 , wherein the method further comprises:
 employing a create Application Programming Interface (API) for granting access to the secured field instance; 
 employing an update API to modify access to the secured field instance; and 
 employing a delete API to revoke access from the secured field instance. 
 
     
     
       19. The computing device of  claim 17 , wherein the user is a trusted client application.

Cited by (0)

No later patents cite this yet.

References (0)

No backward citations on record.